WordPress Social Media Shortcodes plugin <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Social Media Shortcodes versions = 1.3.0...

EUVD-2024-33957

Malicious code in bioql PyPI...

CVE-2025-10166

The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'twitter' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Social Media Shortcodes plugin cross-site scripting vulnerability

WordPress Social Media Shortcodes plugin is a shortcode Shortcodes to quickly embed social media features into the WordPress website plugin, mainly used to simplify the implementation of social media sharing, login, comments and other features. A cross-site scripting vulnerability exists in the...

CVE-2025-10166

CVE-2025-10166 describes a Stored Cross-Site Scripting flaw in the WordPress plugin Social Media Shortcodes (versions up to and including 1.3.1). The vulnerability arises from insufficient input sanitization and output escaping on user-supplied attributes of the plugin’s twitter shortcode, enabli...

CVE-2025-10166 Social Media Shortcodes <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'twitter' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-10166 Social Media Shortcodes <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'twitter' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

PT-2025-38098

Name of the Vulnerable Software and Affected Versions: Social Media Shortcodes plugin for WordPress versions up to and including 1.3.1 Description: The Social Media Shortcodes plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s twitter shortcode. Insufficient...

WordPress plugin Social Media Shortcodes 跨站脚本漏洞

WordPress Social Media Shortcodes plugin is a shortcode Shortcodes to quickly embed social media features into the WordPress website plugin, mainly used to simplify the implementation of social media sharing, login, comments and other features. A cross-site scripting vulnerability exists in the...

WordPress Social Media Shortcodes plugin <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Social Media Shortcodes versions = 1.3.1...

CVE-2024-11871

The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'patreon' shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11871

The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'patreon' shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11871 Social Media Shortcodes <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'patreon' shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11871 Social Media Shortcodes <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'patreon' shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11871

CVE-2024-11871 is a stored XSS vulnerability in the WordPress plugin Social Media Shortcodes (versions up to 1.3.0) via the plugin’s patreon shortcode. The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, allowing an authenticated attacker with co...

PT-2024-17308 · WordPress · Social Media Shortcodes

Name of the Vulnerable Software and Affected Versions: Social Media Shortcodes plugin for WordPress versions up to, and including, 1.3.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'patreon' shortcode due to insufficient input sanitization and output escaping...

WordPress plugin Social Media Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...